"Just because virtualization changes your security environment doesn't mean that the problems it creates are insoluble, or that life suddenly got unimaginably more complicated," Snyder says. "Instead, realize that security in a virtual server environment is different. You may have think differently and use different tools to achieve the same level of security and risk management you have had in the past."
Even Hoff, a vocal critic of virtualization security, is seeing traces of the cloud's illusive silver lining. He notes that the who's who of security vendors are retooling their applications to take advantage of VMware's vNetwork/VMsafe APIs. Check Point, Symantec, McAfee, Trend Micro and others are working on tighter, better integration.
"Operationally and technically there is a lot more integration and tightening going on," he says. One recent example of that integration was VMware acquiring BlueLane Technologies, the maker of solutions that protect both physical and logical infrastructure, including ServerShield and VirtualShield. The company has of late focused wisely on the latter, which provides application-aware firewalling, inter-VM flow visibility and analytics, application policy control, and intrusion prevention capabilities, Hoff says.
Coupled with the introspection capabilities provided by VMware's vNetwork/VMsafe API's natively, the integration of BlueLane's solution sets will add to the basal capabilities of the platform itself and will allow customers the flexibility to construct more secure virtualized operating environments, he adds.
"I think it's actually an excellent move as it continues on the path of not only helping to ensure that the underlying virtualization platform is more secure, but the elements that ride atop on it are equally security enabled also," Hoff says.
Of course, security experts warn, all the vendor activity in the world won't help a company that dives headlong into the cloud without thinking through the risks first. As long as companies fail to grasp the nuts and bolts of virtualization, dangers remain.